<?php
include("mysql.php");
if(isset($_GET['name']) and isset($_GET['oldpwd']) and isset($_GET['newpwd']))
{
$name=$_GET['name'];
$oldpwd=sha1(htmlentities($_GET['oldpwd']));
$newpwd=sha1(htmlentities($_GET['newpwd']));
$check="SELECT * FROM  `user` WHERE  `name` =  '$name'";
$ret=mysql_query($check);
$row=mysql_fetch_array($ret);
//echo $row['pwd'];
//if($ret)
if(!$row['name'])
{
    echo'用户不存在';
    exit;
}
if($row['pwd']!=$oldpwd)
{
    echo'原密码错误';
    exit;
}
$id=$row['id'];
$mysql="UPDATE  `user` SET  `pwd` =  '$newpwd' WHERE  `id` ='$id';";
mysql_query($mysql);
//$row=mysql_fetch_array($ret);
echo '修改成功';
/* if($row){
    //$row=mysql_fetch_array($ret);
    echo $row;
    echo '密码修改成功';
    exit;
}
else{
    echo '密码修改失败';
    exit;
} */
}
else{
    echo "<br>请传入账户密码参数";
}
?>